Privacy Policy

 Arts North West Privacy Policy

September  2011

Part A – Our Personal Information Handling Practices

 Our obligations under the Privacy Act 1988

This privacy policy sets out how we comply with our obligations under the Privacy Act 1988.
 Section 6EA of the Privacy Act allows small business operators and incorporated associations like Arts North West, who would otherwise not be covered by the Privacy Act, to choose to be treated as an organisation for the purposes of the Act and therefore subject to the National Privacy Principles. Businesses opting-in to be covered by the Privacy Act are making a public commitment to good privacy practice. This option has been made available in order to provide
small businesses with the opportunity to benefit from any increase in consumer confidence and trust that may be derived from operating under the Privacy Act.

In particular this policy outlines how we are bound by the Information Privacy Principles (IPPs) in the Privacy Act which regulate how agencies may collect, use, disclose and store personal information and how individuals may access and correct personal information held about them.

 

In this privacy policy, personal information (as defined in the Privacy Act) means information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.

 Collection

It is our usual practice to collect personal information directly from the individual.

 Sometimes we collect personal information from a third party or a publicly available source, but only if the individual has consented to such collection or would reasonably expect us to
collect their personal information in this way, or if it is necessary for a specific purpose such as the investigation of a privacy complaint.

 In limited circumstances we may receive personal information about third parties from individuals who contact us and supply us with the personal information of others in the documents they provide to us.  In these circumstances we will attempt to ensure that the consent of those third parties is obtained if we think we may need to use or disclose that information.

 We only collect personal information for purposes which are directly related to our objectives as laid out in our Constitution.

 We also collect personal information as part of our normal communication
processes directly related to those purposes, including:

•    When an individual emails staff members

•    When an individual phones us we may store their phone number on our telephone system

•    When an individual hands us their business card.

 

 Use and disclosure

We only use personal information for the purposes for which it was given to us, or for purposes which are directly related to one of our functions or activities, and we do not give it to other
government agencies, organisations or anyone else unless one of the following applies:

•    the individual has consented

•    the individual would reasonably expect, or has been told, that information of that kind is usually passed to those individuals, bodies or agencies

•    it is required or authorised by law

•    it will prevent or lessen a serious and imminent threat to somebody's life or health

•    it is reasonably necessary for
the enforcement of the criminal law or of a law imposing a pecuniary penalty, or for the protection of public revenue.

 

Data quality

We take steps to ensure that the personal information we collect is accurate, up to date and complete.  These steps include maintaining and updating personal information when we are advised by individuals that their personal information has changed, and at other times as necessary.

 

Data security

We take steps to protect the personal information we hold against loss, unauthorised access, use, modification or disclosure and against other misuse.  These steps include password protection for electronic data, securing paper files in locked cabinets and physical access restrictions.

 

When no longer required, personal information is destroyed in a secure manner or deleted.

 

 Access and correction

If an individual requests access to the personal information we hold about them, or requests that we change that personal information, we will allow access or make the changes unless we consider that there is a sound reason under the Privacy Act,
Freedom of Information Act 1982 (Cth) (FOI Act) or other relevant law to withhold the information.

 

If we do not agree to provide access to personal information the individual may seek a review of our decision or may appeal our decision under the FOI Act.

 

If we do not agree to make requested changes to personal information the individual may make a statement about the requested changes and we will attach this to the record.

 

Individuals can obtain further information about how to request access or changes to the information we hold about them by contacting us (see details below).

 

 How to contact us

Individuals can obtain further information in relation to this privacy policy, or provide any comments, by contacting us:

 

Telephone

(02) 6732 4988

Post

PO Box 801

Glen Innes NSW 2370

Facsimile

+61 2 67324995

Email

office@artsnw.com.au


Part B - Our Files

This section provides further details about how we handle specific types of files that contain personal information.

 Funding and Projects
Database

 Purpose

The purpose
of the funding and enquiries database is to register and store information about regional arts funding and projects relating to the objectives of our organisation.

 

The personal information in the database relates to enquirers, participants, respondents, and authorised representatives.  It also relates to employees of agencies or organisations which we have auspiced or partnered with.

 Collection

We collect personal information on this database from individuals or their authorised representatives.  We also collect personal information on this database from agencies and organisations which we have audited.

 Use and disclosure

The personal information on the funding and projects database is used for the purpose of recording and managing arts funding and development. In particular it is used for making contact with participants, generating correspondence and promotion of related events and services.

 

Data quality

We maintain and update personal information in the complaints and enquiries database
as necessary or when we are advised by individuals that their personal information has changed.

 

Data security

Personal information is stored in an electronic records management database or hard copy files located within the secure offices of Arts North West.

When no longer required, personal information on the database is
destroyed in a secure manner or deleted.

 

Access and correction

For information about how to access or correct personal information held in enquiries files see Access and correction in Part A of this document.

 

Enquiries Files

Purpose

We maintain enquiries files containing personal information for the purpose of responding to enquiries.

 

Collection

We collect personal information directly from the individual making the enquiry or their authorised representative.

 

In the course of responding to some enquiries, we may collect personal information
from publicly available sources such as websites or telephone directories for the purpose of making contact with the enquirer.

 

Use and disclosure

We only use personal information collected from an enquirer to respond to the enquiry or to
make referrals which the enquirer has consented to or is reasonably likely to expect us to make.

 

Sometimes, if the enquirer consents, we will pass on their personal information to other Office staff, government departments or organisations for the purpose of following up their enquiry.

 

Data quality

We maintain and update personal information in our enquiries files as necessary or when we are advised by individuals that their personal information has changed.

 

Access and correction

For information about how to access or correct personal information held in enquiries files see Access and correction in Part A of this document.

Policy Files

Purpose

The purpose of policy files is to store policy correspondence, analysis, working papers and other documents that relate to our functions to:

•    provide advice

•    examine policy relation to our objectives

•    issue guidelines

•    make determinations

•    undertake research and

•    approve funding and.

 

The limited personal information in policy files relates to correspondence and submissions from people with an interest in regional arts issues, and people working for or representing agencies or organisations with an interest in regional arts.  This includes people working for an organisation, group or association representing a particular sector of the community.


Collection

We collect personal information in policy files directly from individuals or their agencies or organisations, or from publicly available sources such as websites or telephone directories.

 

Use and disclosure

Personal information in policy files is only used for the purpose of undertaking policy research and providing advice.

 

The personal information on policy files is not disclosed to other agencies, organisations or anyone else without consent unless: the individual would reasonably expect, or has been told, that information of that kind is usually passed to those agencies, organisations or individuals; or the disclosure is required or authorised by law.

 

Data quality

We maintain and update personal information in our policy files as necessary or when we
are advised by individuals that their personal information has changed.

 

Data security

Policy files are stored in either password protected electronic media or in locked cabinets in paper form. When no longer required, personal information in policy files is destroyed in a
secure manner or deleted.

 

Access and correction

For information about how to access or correct personal information in policy files see

Access and correction in Part A of this document.

 

Public Awareness and Education Files

 

Purpose

The purpose of public awareness and education files is to record details of public awareness and educational activities, such as contact with the media, speeches, event management and
publication preparation.

 

The limited personal information in public awareness and education files relates to
agencies, organisations, individuals, media representatives, event attendees, privacy service providers and events calendar listings which appear on our website, and educational institutions with an interest in information privacy.

 Collection

It is our usual practice to collect personal information in public awareness and education files directly from individuals.

 

Sometimes we may collect personal information from an individual’s representative or from publicly available sources such as websites or telephone directories.

 

Use and disclosure

We only use the personal information in public awareness and education files for the
purposes of undertaking public awareness and education initiatives and managing public relations.

 

The personal information on public awareness and education files is not disclosed to other agencies, organisations or anyone else without consent unless: the individual
would reasonably expect, or has been told, that information of that kind is usually passed to

those agencies, organisations or individuals; or the disclosure is required or authorised by law.

 

Data quality

We maintain and update personal information in our public awareness and education
files as necessary or when we are advised by individuals that their personal information has changed.

 

Data security

Public awareness and education files are stored in either password protected electronic
media or in locked cabinets in paper form. When no longer required, personal information in public awareness and education files is destroyed in a secure manner or deleted.

 

Access and correction

For information about how to access or correct personal information in public awareness and education files see  Access and correction in Part A of this document.

 

Contacts Lists

Purpose

We maintain contacts lists which include contact information about individuals who may
have an interest in regional arts and creative opportunities.  We use these contacts lists to
distribute information about our activities and publications.

 

Collection

It is our usual practice to collect personal information in contacts lists directly from individuals, for example, where they have asked to be added to a contact list.

 

Sometimes we collect personal information from a third party or from a publicly available source such as a website or telephone directory.  We usually only collect personal information in this way if the individual would reasonably expect us to or has given their consent.  For instance we might collect this information if we thought that the individual (or the
organisation they work for) would like to receive information about a consultation we are carrying out, or that they might be likely to consider information about the Privacy
Act useful in the work they do.  We would only contact this individual in their work capacity.

 

Use and disclosure

We only use personal information in contacts lists for the purpose of managing public and stakeholder relations.

 

We do not give personal information about an individual to other agencies, organisations or anyone else without consent unless: the individual would reasonably expect, or has
been told, that information of that kind is usually passed to those agencies,
organisations or individuals; or the disclosure is required or authorised by law.

 

Data quality

We maintain and update personal information in our contacts lists when we are advised by
individuals that their personal information has changed.  We also regularly audit
contacts lists to check the currency of the contact information. In the course of updating the lists we will remove contact information of individuals who no longer wish to be contacted.

 

Data security

The personal information in the contacts lists is stored in either password
protected electronic media or in locked cabinets in paper form.  When
no longer required, personal information in contacts lists is destroyed in a
secure manner or deleted.

 

Routine access to contacts lists is limited to the database operators who have responsibility for maintaining the contacts lists.  Other staff members have access to the personal information in contacts lists on a need to know basis.

 

Access and correction

For information about how to access or correct personal information in our contacts lists see Access and correction in Part A of this document.

 Administrative Files

 Administrative files including personnel and other corporate services records for our Office are managed and held by our office for internal use only.

Part C - Our Website

 This section explains how we handle personal information collected from our website www.artsnw.com.au.

 

Users are advised that there are inherent risks in transmitting information across the internet. Individuals may contact our Office by phone or mail if they have concerns about making
contact via the internet.  For further information see How to contact us in Part A of this document.

 

Collection

When individuals only browse the website, we do not collect their personal information.

 

Sometimes, we collect personal information that individuals choose to give us
via online forms or by email, for example when individuals:

•    ask to be on an email list such as the Arts North West E-Bulletin or media releases

•    join other Arts North West networks

•    make a written enquiry to the Office via email

•    send the Office a written communication

•    send a request to speak to a compliance officer via an affiliated organisation or service

When an individual looks at our website, our internet service provider makes a record of the individual’s visit and logs (in server logs) the following information for statistical purposes:

•    the pages the individual accessed and documents downloaded.

 

We do not identify users or their browsing activities except, in the event of an investigation, where a law enforcement agency may exercise a warrant to inspect the internet service provider's server logs.

 

 Cookies

Our website uses session cookies during a search query of the website and when an individual accesses the Privacy Events RSS feed and web-based calendar.  Our internet service provider does not employ cookies on our website except in those circumstances. The website statistics for this site are generated from the server logs as outlined above.

 

When an individual closes their browser the session cookie set by our website is destroyed and no personal information is maintained which might identify an individual should they visit our website at a later date.



Use and disclosure

We only use personal information collected via our website for the purposes for which it was given to us.

 

We do not share personal information about individuals with other government agencies, organisations or any one else unless one of the following applies:

 

•    the individual has consented

•    the individual would reasonably expect, or has been told, that information of that kind is usually passed to those individuals, bodies or agencies

•    it is required or authorised by law

•    it will prevent or lessen a serious and imminent threat to somebody's life or health

•    the disclosure is reasonably necessary for the enforcement of the criminal law or of a law imposing a pecuniary penalty, or for the protection of public revenue.

 

When an individual’s email address is received by us because they sent us a message, the email address will only be used or disclosed for the purpose for which they have provided it and it will not be added to a mailing list or used or disclosed for any other purpose without the individual’s consent.

 

Data quality

We maintain and update personal information collected from or published
on our website as necessary or when we are advised by individuals that their personal information has changed.

 

Data security

 Individuals who choose to join our email lists, complete online forms or lodge enquiries will have their contact details stored on password protected databases.

 

Staff members associated with website maintenance have access to our
website’s backend system which is password protected.  Our website server, hosted by our internet service provider, is also password protected.

 

Access and correction

For information about how to access or correct personal information collected on our website see  Access and correction in Part A of this document.